Re: ipfw parsing bug
From: Maxim Konovalov (maxim_at_macomnet.ru)
Date: 08/28/03
- Previous message: Petri Helenius: "ipfw parsing bug"
- In reply to: Petri Helenius: "ipfw parsing bug"
- Next in thread: Petri Helenius: "Re: ipfw parsing bug"
- Reply: Petri Helenius: "Re: ipfw parsing bug"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Date: Fri, 29 Aug 2003 00:07:01 +0400 (MSD) To: Petri Helenius <pete@he.iki.fi>
On Thu, 28 Aug 2003, 23:01+0300, Petri Helenius wrote:
>
> ipfw seems to have developed a bug lately on 5-CURRENT;
> # ipfw add 2042 allow tcp from 0.0.0.0/0 to me
> 42
> 02042 allow tcp from me to me dst-port 42
>
> It used to work that 0.0.0.0/0 was "any" instead of "me". Last I checked
> the notation is also widely used in networking gear for default route which
> is a "catch any" definition.
Known ipfw2 bug. Try this:
Index: ipfw2.c
===================================================================
RCS file: /home/ncvs/src/sbin/ipfw/ipfw2.c,v
retrieving revision 1.38
diff -u -r1.38 ipfw2.c
--- ipfw2.c 21 Jul 2003 09:56:05 -0000 1.38
+++ ipfw2.c 28 Jul 2003 15:51:26 -0000
@@ -2046,7 +2046,7 @@
errx(EX_DATAERR, "not any never matches");
}
/* else do nothing and skip this entry */
- continue;
+ return;
}
/* A single IP can be stored in an optimized format */
if (d[1] == IP_MASK_ALL && av == NULL && len == 0) {
%%%
-- Maxim Konovalov, maxim@macomnet.ru, maxim@FreeBSD.org _______________________________________________ freebsd-net@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-net To unsubscribe, send any mail to "freebsd-net-unsubscribe@freebsd.org"
- Previous message: Petri Helenius: "ipfw parsing bug"
- In reply to: Petri Helenius: "ipfw parsing bug"
- Next in thread: Petri Helenius: "Re: ipfw parsing bug"
- Reply: Petri Helenius: "Re: ipfw parsing bug"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
